Technoglitch
Core Member
Hackers have released online 250GB of data they claim they purloined from NASA systems.
"So yeah, we know what you're thinking, hacking NASA? How fucking cliche... If only I had a Dogecoin for every time someone claimed that, amiright?" the group wrote in an online posting.
"It's like the boy who cried wolf but with hacking NASA instead lol. But you might be surprised how low govt security standards can be, especially with a limited budget and clueless boomers controlling the network."
The swiped records include the names, phone numbers, and email addresses of 2,414 NASA staffers, as well as more than 2,000 flight logs and 600 video feeds from the agency's fleet of aircraft. The hacker team, calling itself Anonsec, dumped the data on the web with an explanation of how the hack took place.
NASA makes the vast majority of its research and material public, so it's not clear if the 250GB collection is anything more than publicly available information or information not worth publishing. Still, if miscreants were able to penetrate the space agency's systems, that's embarrassing.
Anonsec said it didn't perform the initial intrusion into NASA, the group claims, but bought access to an agency computer from another hacker. It was only a user account, but the group mapped out what they could of the network and set to work.
The acquired user account turned out to be running on a fully patched version of Debian, but the group did some digging and was able to get access to other machines on the network, several of which had unpatched flaws.
Access was made easier by poor password security, it's claimed. In a scan for accounts using the login and password "root," the first positive hit came up within 0.32 seconds, and linking these enabled them to build a network map of NASA subsystems.
Hackers mirror 250GB of NASA files on the web • The Register
"So yeah, we know what you're thinking, hacking NASA? How fucking cliche... If only I had a Dogecoin for every time someone claimed that, amiright?" the group wrote in an online posting.
"It's like the boy who cried wolf but with hacking NASA instead lol. But you might be surprised how low govt security standards can be, especially with a limited budget and clueless boomers controlling the network."
The swiped records include the names, phone numbers, and email addresses of 2,414 NASA staffers, as well as more than 2,000 flight logs and 600 video feeds from the agency's fleet of aircraft. The hacker team, calling itself Anonsec, dumped the data on the web with an explanation of how the hack took place.
NASA makes the vast majority of its research and material public, so it's not clear if the 250GB collection is anything more than publicly available information or information not worth publishing. Still, if miscreants were able to penetrate the space agency's systems, that's embarrassing.
Anonsec said it didn't perform the initial intrusion into NASA, the group claims, but bought access to an agency computer from another hacker. It was only a user account, but the group mapped out what they could of the network and set to work.
The acquired user account turned out to be running on a fully patched version of Debian, but the group did some digging and was able to get access to other machines on the network, several of which had unpatched flaws.
Access was made easier by poor password security, it's claimed. In a scan for accounts using the login and password "root," the first positive hit came up within 0.32 seconds, and linking these enabled them to build a network map of NASA subsystems.
Hackers mirror 250GB of NASA files on the web • The Register
